zbMATH — the first resource for mathematics

Fully anonymous attribute tokens from lattices. (English) Zbl 1310.94177
Visconti, Ivan (ed.) et al., Security and cryptography for networks. 8th international conference, SCN 2012, Amalfi, Italy, September 5–7, 2012. Proceedings. Berlin: Springer (ISBN 978-3-642-32927-2/pbk). Lecture Notes in Computer Science 7485, 57-75 (2012).
Summary: Anonymous authentication schemes such as group signatures and anonymous credentials are important privacy-protecting tools in electronic communications. The only currently known scheme based on assumptions that resist quantum attacks is the group signature scheme by S. D. Gordon et al. [Asiacrypt 2010, Lect. Notes Comput. Sci. 6477, 395–412 (2010; Zbl 1253.94071)]. We present a generalization of group signatures called anonymous attribute tokens where users are issued attribute-containing credentials that they can use to anonymously sign messages and generate tokens revealing only a subset of their attributes. We present two lattice-based constructions of this new primitive, one with and one without opening capabilities for the group manager. The latter construction directly yields as a special case the first lattice-based group signature scheme offering full anonymity (in the random oracle model), as opposed to the practically less relevant notion of chosen-plaintext anonymity offered by the scheme of Gordon et al. We also extend our scheme to protect users from framing attacks by the group manager, where the latter creates tokens or signatures in the name of honest users. Our constructions involve new lattice-based tools for aggregating signatures and verifiable CCA2-secure encryption.
For the entire collection see [Zbl 1246.68059].

94A60 Cryptography
81P94 Quantum cryptography (quantum-theoretic aspects)
Full Text: DOI